Red Hat Bugzilla – Bug 833910
openswan doesn't recognize the loopback option
Last modified: 2014-01-22 16:25:01 EST
Description of problem:
It seems that openswan doesn't recognize option "loopback" in RHEL-7.
$ service ipsec start
failed to start openswan IKE daemon - the following error occured:
can not load config '/etc/ipsec.conf': /etc/ipsec.conf:17: syntax error, unexpected STRING [loopback]
$ head -17 /etc/ipsec.conf | tail -1
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Run the beaker test: /CoreOS/openswan/Regression/bz711975-incomplete-policy-for-loopback-when-using
NOTE: There is also ipsec.conf included
PASS (loopback option work in RHEL-6)
This has been fixed in openswan-2.6.38-10.el7.
I can confirm the issue has dissappeared with openswan-2.6.38-10.el7 (tested on x86_64 and ppc64).
I will retest this issue on the latest RHEL7.
moving this from openswan to libreswan (as we aren't shipping 'openswan' in rhel7) Paul, you should be able to attach this bug directly to the errata.